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WHAT IS CLAIMED IS: 

1 1 . A method for managing digital rights of software on a computer system, comprising: 

2 encrypting at least a portion of an executable file to generate an encrypted executable file; 

3 writing the encrypted executable file to a host location on the computer system during 

4 installation of software including the encrypted executable file; and 

5 providing a loader for the encrypted executable file wherein the loader is operable to 

6 authenticate the encrypted executable file and cause the encrypted executable file to run on the 

7 computer system. 

i&l 2. The method of claim 1 wherein the portion of the executable file comprises initial 

D 2 variables of the executable file. 

Isj 1 3. The method of claim 1 further comprising executing the encrypted executable file. 



ji i 4. The method of claim 3 wherein executing the encrypted executable file comprises: 

□ 2 authenticating the encrypted executable file; 

3 writing the encrypted executable file to a memory location of the computer system; 

4 decrypting the portion of the encrypted executable file; and 

5 running the decrypted portion of the encrypted executable file. 

1 5. The method of claim 4 wherein authenticating the encrypted executable file comprises 

2 confirming that rights in a rights document are satisfied. 

1 6. The method of claim 5 wherein the rights document is appended to the encrypted 

2 executable file. 
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1 7. The method of claim 5 wherein confirming that rights in a rights document have been 

2 satisfied comprises determining whether the computer system is an authorized computer system 

3 on which the software is authorized to be installed. 

1 8. The method of claim 5 wherein the rights document is an extensible markup language 

2 (XML) file. 

1 9. The method of claim 4 wherein the authenticating, writing and decrypting are 

2 performed by the loader. 

ifU 10. The method of claim 4 wherein authenticating the encrypted executable file comprises 

■■^2 determining whether the encrypted executable file may be executed on the computer system. 

H j.l 11. The method of claim 4 wherein authenticating the encrypted executable file comprises 

L2 accessing a central rights database via a communication pathway associated with the computer 

SI 3 system. 



H ; 1 12. The method of claim 1 1 further comprising managing the central rights database via a 

2 remotely located server. 

1 13. The method of claim 12 wherein managing the central rights database comprises 

2 modifying usage rights of the software. 

1 14. The method of claim 1 1 wherein the communication pathway includes an Internet 

2 connection. 

1 15. The method of claim 1 further comprising tracking usage of the software. 
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1 16. The method of claim 15 wherein tracking usage of the software comprises gathering 

2 information about the usage of the software via a communication pathway associated with the 

3 computer system, 

1 17. The method of claim 1 wherein the executable file can be executed via only the loader. 

1 18. The method of claim 1 wherein the loader comprises software code specifically 

2 written to authenticate, load, decrypt and execute the encrypted executable file in a manner 

3 transparent to an end-user. 

?fll 19. The method of claim 1 wherein the executable file comprises an executable binary file. 

1:0 1 20. The method of claim 1 wherein the executable file comprises a header portion, a code 

h|2 portion and a data portion, and wherein encrypting at least a portion of an executable file 

L 3 comprises encrypting at least one of the code portion and the data portion. 

J-LJl 21 . A system for managing digital rights of software, comprising: 

r ~" 2 a computer including a communication device operable to communicate, via a 

3 communication pathway, with other electronic devices that are remote from the computer; 

4 a remote authentication device in communication with the communication device via the 

5 communication pathway; and 

6 software operable to be installed and run on the computer wherein the software comprises: 

7 an executable file, and 

8 an authentication loader program operable to authenticate and enable running of the 

9 executable file, 

10 wherein the software is structured and arranged such that installation of the 

1 1 software is accomplished based on whether the remote authentication device permits the software 
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12 to be installed on the computer, and running of the software is accomplished based on whether the 

13 authentication loader program permits the software to be run on the computer. 

1 22, The system of claim 21 wherein the computer further comprises a memory storage 

2 device operable to store digital information including the software, and a random access memory 

3 unit, the system further comprising a software installer program operable, based on whether the 

4 remote authentication device permits the software to be installed on the computer, to: 

5 encrypt at least a portion of an executable file of the software, thereby generating 

6 an encrypted executable file, 

7 append the authentication loader program to the encrypted executable file, and 

write the authentication loader program and the encrypted executable file to the 
; y9 memory storage device of the computer. 



p , 1 23. The system of claim 2 1 wherein the computer further comprises a memory storage 

si 2 device operable to store digital information including the software, and a random access memory 

C= 3 unit, and wherein the authentication loader program is operable to: 

if 1 4 determine whether the executable file may be executed on the computer by 

! !a f 5 authenticating the executable file, 

6 read the executable file from the memory storage device of the computer, 

7 identify a memory space in the random access memory unit for the executable file, 

8 write the executable file to the memory space for execution, and 

9 start the executable file of the software running. 

1 24. The system of claim 23 wherein at least a portion of an executable file of the software 

2 is encrypted and wherein the authentication loader program is further operable to decrypt the 

3 portion of the executable file that is encrypted before starting the executable file of the software 

4 running. 
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1 25. The system of claim 24 wherein the authentication loader program starts the 

2 executable file of the software running immediately after decrypting the portion of the executable 

3 file that is encrypted. 

1 26, The system of claim 23 wherein the remote authentication device is a server that 

2 manages a digital rights database wherein the authentication loader program includes code for 

3 causing the computer to access the remote authentication device to determine whether digital 

4 rights exist to run the software on the computer. 

1 27. The system of claim 23 wherein the authentication loader program includes code for 

Q2 authenticating the executable file by confirming that rights in a rights document are satisfied. 

;t 1 28. The system of claim 27 wherein the rights document is appended to the executable 

012 file, and wherein the rights document is encrypted. 

H 1 29. The system of claim 27 wherein the code for confirming that rights in the rights 

m 2 document are satisfied is operable to determine whether the computer is an authorized computer 

f-f 3 on which the software is authorized to be installed. 

1 30, The system of claim 27 wherein the rights document includes an extensible markup 

2 language (XML) file. 

1 31. The system of claim 21 wherein at least a portion of the executable file installed on the 

2 computer resides on the computer in encrypted format. 

1 32. The system of claim 3 1 wherein the executable file is an executable binary file 

2 comprising a header portion, a code portion and a data portion, and wherein the portion of the 

3 executable file that resides on the computer in encrypted format comprises at least one of the code 

4 portion and the data portion. 
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1 33. The system of claim 21 wherein the remote authentication device includes a server that 

2 manages a digital rights database including digital rights relating to the software, 

1 34. The system of claim 33 wherein the digital rights include a number of times a 

2 particular copy of the software is permitted to be installed. 

1 35. The system of claim 34 wherein the digital rights database is accessed during 

2 installation of the software, and wherein the remote authentication device is operable to 

3 automatically decrement the number of times the particular copy of the software is permitted to be 
*g4 installed when the digital rights database is accessed during installation of the software. 

ml 36. The system of claim 33 wherein the digital rights include a number of times a 

! - 12 particular installed copy of the software is permitted to be manipulated. 

y 1 37, The system of claim 36 wherein the digital rights database is accessed by the 

P 2 authentication loader program during authentication of the executable file, and wherein the remote 



\2 3 authentication device is operable to automatically decrement the number of times the particular 

4 installed copy of the software is permitted to be manipulated when the digital rights database is 

5 accessed during authentication of the executable file. 

1 38. The system of claim 36 wherein manipulation of the software includes installation, 

2 execution, printing, duplication and modification of the software. 

1 39. The system of claim 33 wherein the remote authentication device is operable to 

2 automatically modify the digital rights according to programmed criteria. 
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1 40. The system of claim 33 wherein the remote authentication device further comprises an 

2 interface through which the digital rights are modified by human intervention. 

1 41 . The system of claim 21 further comprising a software usage tracking unit wherein the 

2 software usage tracking unit is operable to gather and record information about usage of the 

3 software. 

1 42. The system of claim 41 wherein the remote authentication device comprises the 

2 software usage tracking unit. 

lQI 43. The system of claim 41 wherein the information about the usage of the software 

S2 includes a number of times a particular copy of the software is installed. 



i y 1 44. The system of claim 41 wherein the information about the usage of the software 

L 2 includes identities of computers onto which a particular copy of the software is installed or is 
H 3 attempted to be installed. 



M« 1 45. The system of claim 41 wherein the information about the usage of the software 

2 includes a number of times a particular copy of the software is run. 

1 46. The system of claim 21 wherein the communication pathway includes an Internet 

2 connection. 

1 47. The system of claim 21 wherein each installation of the software is unique, such that a 

2 duplicated copy of installed software will not run properly. 

1 48. The system of claim 21 wherein the remote authentication device permits an 

2 authorized backup copy of the software to function properly. 
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1 49. The system of claim 21 wherein the remote authentication device includes a server that 

2 manages a digital rights database wherein the digital rights database includes information about 

3 installation rights of individual copies of the software. 

1 50. The system of claim 21 wherein the executable file can be executed only by the 

2 authentication loader program. 

1 51. The system of claim 21 wherein the authentication loader program functions in a 

2 manner transparent to an end-user. 

Ol 52. A method for managing digital rights during installation of software on a computer 

m2 system, comprising: 

I.y3 accessing a digital rights database to determine whether the software is permitted to be 

™ 4 installed on the computer system wherein an installation program performs the following based on 

: J 5 whether the software is permitted to be installed on the computer system: 

P 6 encrypting at least a portion of an executable file to produce an encrypted 

ljl 7 executable file; 

8 appending a loader to the encrypted executable file; and 

9 writing the loader and the encrypted executable file to a host storage location on the 
1 0 computer system. 

1 53. The method of claim 52 further comprising tracking a number of times a particular 

2 copy of the software is installed. 

1 54. The method of claim 52 further comprising logging an identity of the computer system 

2 onto which a particular copy of the software is installed or is attempted to be installed. 
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1 55. The method of claim 52 wherein the digital rights database includes information about 

2 installation rights of individual copies of the software. 

1 56. The method of claim 52 further comprising duplicating the installation program 

2 wherein duplicated copies of the installation program do not function properly. 

1 57. The method of claim 52 further comprising installing the software on the computer 

2 system in a manner unique from other copies of the software installed on other computer systems 

3 such that a copy of the software installed on a first computer system will not work properly on a 

4 second computer system. 

1 58. The method of claim 52 further comprising generating an authorized backup copy of 

2 the software wherein the digital rights database permits the authorized backup copy of the 

3 software to function properly, 

1 59. The method of claim 52 wherein accessing a digital rights database comprises 

2 communicating between the computer system and the digital rights database via a communication 

3 pathway associated with the computer system. 

1 60. The method of claim 59 wherein the communication pathway includes an Internet 

2 connection. 

1 61. The method of claim 52 wherein the digital rights database includes an encrypted 

2 computer file located on the computer system. 

1 62. The method of claim 52 further comprising managing the digital rights database on a 

2 server remotely located from the computer system. 
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1 63. The method of claim 62 wherein managing the digital rights database comprises 

2 modifying digital rights of a particular copy of the software. 

1 64. The method of claim 63 wherein the digital rights include a number of times the 

2 particular copy of the software may be installed. 

1 65. The method of claim 64 wherein modifying the digital rights of a particular copy of 

2 the software comprises automatically decrementing the number of times the particular copy of the 

3 software may be installed when the central rights database is accessed during installation of the 

4 particular copy of the software. 

H .1 66. The method of claim 63 further comprising automatically modifying the digital rights 

;J2 of the particular copy of the software when the digital rights database is accessed during 

5:? J 

01 3 installation of the particular copy of the software. 

N 1 67. The method of claim 63 wherein the digital rights of the particular copy of the 

jfl 2 software are modified in the digital rights database via human intervention. 

1 68. The method of claim 52 wherein the executable file can be executed via only the 

2 loader. 

1 69. The method of claim 52 wherein the loader comprises software codes specifically 

2 written to authenticate, load, decrypt and execute the encrypted executable file in a manner 

3 transparent to an end-user. 

1 70. The method of claim 52 wherein the executable file is an executable binary file. 
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71 . The method of claim 52 wherein the executable file comprises a header portion, a code 
portion and a data portion, and wherein encrypting at least a portion of an executable file 
comprises encrypting at least one of the code portion and the data portion. 

72. The method of claim 52 wherein encrypting at least a portion of an executable file 
comprises utilizing a 256-bit encryption algorithm to encrypt the portion of the executable file. 

73. The method of claim 52 wherein the software further comprises the loader. 

74. The method of claim 52 wherein encrypting at least a portion of an executable file 
comprises encrypting all of the executable file. 

75. The method of claim 52 wherein encrypting at least a portion of an executable file 
comprises encrypting less than all of the executable file. 
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